<?php
/**
 * 
 * --------------------------------------------------------------------------------------------------
 * 版权所有 2013-2018 东茂鹏博（北京）科技有限公司，并保留所有权利。
 * 
 * --------------------------------------------------------------------------------------------------
 * 
 * --------------------------------------------------------------------------------------------------
 * Author: Dmpb
 * Release Date: 2018-05-23
 */
define('IN_DOUCO', true);

require (dirname(__FILE__) . '/include/init.php');

// rec操作项的初始化
$rec = $check->is_rec($_REQUEST['rec']) ? $_REQUEST['rec'] : 'default';

// 图片上传
include_once (ROOT_PATH . 'include/upload.class.php');
$images_dir = 'images/article/'; // 文件上传路径，结尾加斜杠
$img = new Upload(ROOT_PATH . $images_dir); // 实例化类文件
if (!file_exists(ROOT_PATH . $images_dir))
    mkdir(ROOT_PATH . $images_dir, 0777);

// 附件上传
$files_dir = 'images/upload/file/'; // 附件文件上传路径
$file = new Upload(ROOT_PATH . $files_dir, 'thumb/', 'pdf,doc,docx', '1024000');
if (!file_exists(ROOT_PATH . $files_dir))
    mkdir(ROOT_PATH . $files_dir, 0777);

// 文章显示类型
$cat_array = array("none", "normal", "normal", "normal", "title_link_download", "normal", "normal_image", "group", "outter_link", "title_link", "link_or_not",
    "normal_subtitle", "title_link", "normal_image", "normal_image", "title_link", "normal", "normal", "title_link", "normal", "normal" , "normal_subtitle", "normal_subtitle","normal_subtitle");
// array(空, 实验室简介 行政机构 学术委员会 实验室年报 联系方式 超导简介 课题组 科研进展 获奖 文章
// 学术报告 学术会议 课题组主要仪器 公共仪器 招生信息 招聘信息 党群园地 新闻动态 通知公告 二级分类*3)

// 赋值给模板
$smarty->assign('rec', $rec);
$smarty->assign('cur', 'article');
$smarty->assign('cat_array', $cat_array);

/**
 * +----------------------------------------------------------
 * 文章列表
 * +----------------------------------------------------------
 */
if ($rec == 'default') {
    $cat_id = $check->is_number($_REQUEST['cat_id']) ? $_REQUEST['cat_id'] : 0;

    $smarty->assign('ur_here', $_LANG['liebiao']);
    $smarty->assign('action_link', array (
            'text' => $_LANG['tianjia'],
            'href' => 'article.php?rec=add&cat_id=' . $cat_id
    ));
    
    // 获取参数
    $keyword = isset($_REQUEST['keyword']) ? trim($_REQUEST['keyword']) : '';
    
    // 筛选条件
    $where = ' WHERE cat_id IN (' . $cat_id . $dou->dou_child_id('article_category', $cat_id) . ')';
    if ($keyword) {
        $where = $where . " AND title LIKE '%$keyword%'";
        $get = '&keyword=' . $keyword;
    }
    
    // 分页
    $page = $check->is_number($_REQUEST['page']) ? $_REQUEST['page'] : 1;
    $page_url = 'article.php' . ($cat_id ? '?cat_id=' . $cat_id : '');
    $limit = $dou->pager('article', 15, $page, $page_url, $where, $get);
    
    $sql = "SELECT id, title, lang, cat_id, image,date, sort, add_time FROM " . $dou->table('article') . $where . " ORDER BY title" . $limit;
    $query = $dou->query($sql);
    while ($row = $dou->fetch_array($query)) {
        $cat_name = $dou->get_one("SELECT cat_name FROM " . $dou->table('article_category') . " WHERE cat_id = '$row[cat_id]'");
        $add_time = date("Y-m-d", $row['add_time']);
        
        $article_list[] = array (
                "id" => $row['id'],
                "lang" => $row['lang'],
                "cat_id" => $row['cat_id'],
                "cat_name" => $cat_name,
                "title" => $row['title'],
                "image" => $row['image'],
                "date" => $row['date'],
                "sort" => $row['sort'],
                "add_time" => $add_time 
        );
    }
 
    // 赋值给模板
    if ($cat_id) {
        $smarty->assign('cur', $cat_id);
        $cat_parent_id = $dou->get_one("SELECT parent_id FROM " . $dou->table('article_category') . " WHERE cat_id = '$cat_id'");
        if($cat_parent_id){
            $cat_child = $dou->get_category('article_category', $cat_parent_id);
        }
        else{
            $cat_child = $dou->get_category('article_category', $cat_id);
        }
        $smarty->assign('cat_parent_id', $cat_parent_id);
        $smarty->assign('cat_child', $cat_child);
    }
    $smarty->assign('sort', $dou->get_sort('article', 'title'));
    $smarty->assign('cat_id', $cat_id);
    $smarty->assign('keyword', $keyword);
    $smarty->assign('article_category', $dou->get_category_nolevel('article_category'));
    $smarty->assign('article_list', $article_list);
    
    $smarty->display('article.htm');
} 

/**
 * +----------------------------------------------------------
 * 文章添加
 * +----------------------------------------------------------
 */
elseif ($rec == 'add') {
    $smarty->assign('ur_here', $_LANG['tianjia']);
    $smarty->assign('action_link', array (
            'text' => $_LANG['liebiao'],
            'href' => 'article.php'
    ));
    
    // 格式化自定义参数，并存到数组$article，文章编辑页面中调用文章详情也是用数组$article，
    if ($_DEFINED['article']) {
        $defined = explode(',', $_DEFINED['article']);
        foreach ($defined as $row) {
            $defined_article .= $row . "：\n";
        }
        $article['defined'] = trim($defined_article);
        $article['defined_count'] = count(explode("\n", $article['defined'])) * 2;
    }

    //获取参数:添加的文章种类
    $cat_id = $check->is_number($_REQUEST['cat_id']) ? $_REQUEST['cat_id'] : 0;
    $now_year = date('Y');
    $years = array();
    for ($x=$now_year; $x>=2001; $x--) {
        array_push($years, $x);
    }

    // CSRF防御令牌生成
    $smarty->assign('token', $firewall->get_token());
    
    // 赋值给模板
    if ($cat_id) {
        $smarty->assign('cur', $cat_id);
        $cat_parent_id = $dou->get_one("SELECT parent_id FROM " . $dou->table('article_category') . " WHERE cat_id = '$cat_id'");
        if($cat_parent_id){
            $cat_child = $dou->get_category('article_category', $cat_parent_id);
        }
        else{
            $cat_child = $dou->get_category('article_category', $cat_id);
        }
        $smarty->assign('cat_child', $cat_child);
    }
    $smarty->assign('form_action', 'insert');
    $smarty->assign('years', $years);
    $smarty->assign('cur', $cat_id);
    $smarty->assign('cat_id', $cat_id);
    $smarty->assign('article_category', $dou->get_category_nolevel('article_category'));
    $smarty->assign('article', $article);
    
    $smarty->display('article.htm');
} 

elseif ($rec == 'insert') {
    // 验证标题
    if (empty($_POST['title'])) $dou->dou_msg($_LANG['article_name'] . $_LANG['is_empty']);
    
    // 图片上传
    if ($_FILES['image']['name'] != "")
        $image = $images_dir . $img->upload_image('image', $img->create_file_name('article'));

    // 附件上传
    if ($_FILES['file1']['name'] != "")
        $file1 = $files_dir . $file->upload_file('file1', $file->create_file_name('article'));
    if ($_FILES['file2']['name'] != "")
        $file2 = $files_dir . $file->upload_file('file2', $file->create_file_name('article'));
    if ($_FILES['file3']['name'] != "")
        $file3 = $files_dir . $file->upload_file('file3', $file->create_file_name('article'));
    
    // 数据格式化
    $add_time = time();
    $_POST['defined'] = str_replace("\r\n", ',', $_POST['defined']);
        
    // CSRF防御令牌验证
    $firewall->check_token($_POST['token']);
    
    $sql = "INSERT INTO " . $dou->table('article') . " (id, cat_id, title, lang, rgcat_id, defined, content, image, file1, file2, file3, date, author, publisher, url, keywords, description, sort, add_time)" .
        " VALUES (NULL, '$_POST[cat_id]', '$_POST[title]', '$_POST[lang]', '$_POST[rgcat_id]', '$_POST[defined]', '$_POST[content]', '$image', '$file1', '$file2', '$file3', '$_POST[date]', '$_POST[author]', '$_POST[publisher]', '$_POST[url]', '$_POST[keywords]', '$_POST[description]', '$_POST[sort]', '$add_time')";
    $dou->query($sql);
    
    $dou->create_admin_log($_LANG['article_add'] . ': ' . $_POST['title']);
    $dou->dou_msg($_LANG['article_add_succes'], 'article.php?cat_id=' . $_POST[cat_id]);
}

/**
 * +----------------------------------------------------------
 * 文章编辑
 * +----------------------------------------------------------
 */
elseif ($rec == 'edit') {
    $smarty->assign('ur_here', $_LANG['xiugai']);
    $smarty->assign('action_link', array (
            'text' => $_LANG['liebiao'],
            'href' => 'article.php' 
    ));
    
    // 验证并获取合法的ID
    $id = $check->is_number($_REQUEST['id']) ? $_REQUEST['id'] : '';
    
    $query = $dou->select($dou->table('article'), '*', '`id` = \'' . $id . '\'');
    $article = $dou->fetch_array($query);
    $article['content'] = str_replace("&nbsp;", "&amp;nbsp;", $article['content']);
    
    // 格式化自定义参数
    if ($_DEFINED['article'] || $article['defined']) {
        $defined = explode(',', $_DEFINED['article']);
        foreach ($defined as $row) {
            $defined_article .= $row . "：\n";
        }
        // 如果文章中已经写入自定义参数则调用已有的
        $article['defined'] = $article['defined'] ? str_replace(",", "\n", $article['defined']) : trim($defined_article);
        $article['defined_count'] = count(explode("\n", $article['defined'])) * 2;
    }

    //获取参数:编辑的文章种类
    $cat_id = $check->is_number($_REQUEST['cat_id']) ? $_REQUEST['cat_id'] : 0;
    $now_year = date('Y');
    $years = array();
    for ($x=$now_year; $x>=2001; $x--) {
        array_push($years, $x);
    }

    // CSRF防御令牌生成
    $smarty->assign('token', $firewall->get_token());
    
    // 赋值给模板
    if ($cat_id) {
        $smarty->assign('cur', $cat_id);
        $cat_parent_id = $dou->get_one("SELECT parent_id FROM " . $dou->table('article_category') . " WHERE cat_id = '$cat_id'");
        if($cat_parent_id){
            $cat_child = $dou->get_category('article_category', $cat_parent_id);
        }
        else{
            $cat_child = $dou->get_category('article_category', $cat_id);
        }
        $smarty->assign('cat_child', $cat_child);
    }
    $smarty->assign('form_action', 'update');
    $smarty->assign('years', $years);
    $smarty->assign('cur', $cat_id);
    $smarty->assign('cat_id', $cat_id);
    $smarty->assign('article_category', $dou->get_category_nolevel('article_category'));
    $smarty->assign('article', $article);
    
    $smarty->display('article.htm');
} 

elseif ($rec == 'update') {
    // 验证标题
    if (empty($_POST['title'])) $dou->dou_msg($_LANG['article_name'] . $_LANG['is_empty']);
        
    // 图片上传
    if ($_FILES['image']['name'] != "")
        $image = ", image = '" . $images_dir . $img->upload_image('image', $img->create_file_name('article', $_POST['id'], 'image')) . "'";

    // 附件上传
    if ($_FILES['file1']['name'] != "")
        $file1 = ", file1 = '" . $files_dir . $file->upload_file('file1', $file->create_file_name('article', $_POST['id'], 'file1')) . "'";
    if ($_FILES['file2']['name'] != "")
        $file2 = ", file2 = '" . $files_dir . $file->upload_file('file2', $file->create_file_name('article', $_POST['id'], 'file2')) . "'";
    if ($_FILES['file3']['name'] != "")
        $file3 = ", file3 = '" . $files_dir . $file->upload_file('file3', $file->create_file_name('article', $_POST['id'], 'file2')) . "'";
    
    // 格式化自定义参数
    $update_time = time();
    $_POST['defined'] = str_replace("\r\n", ',', $_POST['defined']);
    
    // CSRF防御令牌验证
    $firewall->check_token($_POST['token']);
    
    $sql = "UPDATE " . $dou->table('article') . " SET cat_id = '$_POST[cat_id]', title = '$_POST[title]', lang = '$_POST[lang]', rgcat_id = '$_POST[rgcat_id]', defined = '$_POST[defined]' ,content = '$_POST[content]'" . $image . $file1 . $file2 . $file3 .
        ", add_time = '$update_time', date = '$_POST[date]', author = '$_POST[author]', publisher = '$_POST[publisher]', url = '$_POST[url]', keywords = '$_POST[keywords]', description = '$_POST[description]', sort = '$_POST[sort]' WHERE id = '$_POST[id]'";
    $dou->query($sql);
    
    $dou->create_admin_log($_LANG['article_edit'] . ': ' . $_POST['title']);
    $dou->dou_msg($_LANG['article_edit_succes'], 'article.php?cat_id=' . $_POST[cat_id]);
} 

/**
 * +----------------------------------------------------------
 * 文章删除
 * +----------------------------------------------------------
 */
elseif ($rec == 'del') {
    // 验证并获取合法的ID
    $id = $check->is_number($_REQUEST['id']) ? $_REQUEST['id'] : $dou->dou_msg($_LANG['illegal'], 'article.php');
    $cat_id = $check->is_number($_REQUEST['cat_id']) ? $_REQUEST['cat_id'] : $dou->dou_msg($_LANG['illegal'], 'article.php');
    $title = $dou->get_one("SELECT title FROM " . $dou->table('article') . " WHERE id = '$id'");
    
    if (isset($_POST['confirm']) ? $_POST['confirm'] : '') {
        // 删除相应商品图片
        $image = $dou->get_one("SELECT image FROM " . $dou->table('article') . " WHERE id = '$id'");
        $dou->del_image($image);

        // 删除相应的附件
        $file1 = $dou->get_one("SELECT file1 FROM " . $dou->table('article') . " WHERE id = '$id'");
        if($file1) @unlink(ROOT_PATH . $file1);
        $file2 = $dou->get_one("SELECT file2 FROM " . $dou->table('article') . " WHERE id = '$id'");
        if($file2) @unlink(ROOT_PATH . $file2);
        $file3 = $dou->get_one("SELECT file3 FROM " . $dou->table('article') . " WHERE id = '$id'");
        if($file3) @unlink(ROOT_PATH . $file3);
        
        $dou->create_admin_log($_LANG['article_del'] . ': ' . $title);
        $dou->delete($dou->table('article'), "id = '$id'", 'article.php?cat_id=' . $cat_id);
    } else {
        $_LANG['del_check'] = preg_replace('/d%/Ums', $title, $_LANG['del_check']);
        $dou->dou_msg($_LANG['del_check'], 'article.php', '', '30', "article.php?rec=del&id=$id&cat_id=$cat_id");
    }
} 

/**
 * +----------------------------------------------------------
 * 批量操作选择
 * +----------------------------------------------------------
 */
elseif ($rec == 'action') {
    if (is_array($_POST['checkbox'])) {
        if ($_POST['action'] == 'del_all') {
            // 批量文章删除
            $dou->del_all('article', $_POST['checkbox'], 'id', 'image');
        } elseif ($_POST['action'] == 'category_move') {
            // 批量移动分类
            $dou->category_move('article', $_POST['checkbox'], $_POST['new_cat_id']);
        } else {
            $dou->dou_msg($_LANG['select_empty']);
        }
    } else {
        $dou->dou_msg($_LANG['article_select_empty']);
    }
}

/**
 * +----------------------------------------------------------
 * 首页商品筛选
 * +----------------------------------------------------------
 */
elseif ($rec == 'sort') {
    // act操作项的初始化
    $act = $check->is_rec($_REQUEST['act']) ? $_REQUEST['act'] : '';
 
    if ($act == 'handle') { // 打开筛选功能
        $_SESSION['if_sort'] = $_SESSION['if_sort'] ? false : true;
    } elseif ($act == 'set') { // 设为首页显示商品
        // 验证并获取合法的ID
        $id = $check->is_number($_REQUEST['id']) ? $_REQUEST['id'] : $dou->dou_msg($_LANG['illegal'], 'article.php');
     
        $max_sort = $dou->get_one("SELECT sort FROM " . $dou->table('article') . " ORDER BY sort DESC");
        $new_sort = $max_sort + 1;
        $dou->query("UPDATE " . $dou->table('article') . " SET sort = '$new_sort' WHERE id = '$id'");
    } elseif ($act == 'cancel') { // 取消首页显示商品
        // 验证并获取合法的ID
        $id = $check->is_number($_REQUEST['id']) ? $_REQUEST['id'] : $dou->dou_msg($_LANG['illegal'], 'article.php');
        
        $dou->query("UPDATE " . $dou->table('article') . " SET sort = '' WHERE id = '$id'");
    } 
    
    // 跳转到上一页面
    $dou->dou_header($_SERVER['HTTP_REFERER']);
}
?>